diff options
author | Dr. Stephen Henson <steve@openssl.org> | 1999-12-10 13:46:48 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 1999-12-10 13:46:48 +0000 |
commit | d8223efd04f8526b602209ee5f39c06fa300beea (patch) | |
tree | 7044ee8ece86c78beda2c8480d189714410c2d5e /crypto/asn1/a_int.c | |
parent | e3775a33c1ee5aa845527c3fd9aac11426eac8c5 (diff) |
Fix for crashing INTEGERs, ENUMERATEDs and OBJECT IDENTIFIERs.
Also fix a memory leak in PKCS#7 routines.
Diffstat (limited to 'crypto/asn1/a_int.c')
-rw-r--r-- | crypto/asn1/a_int.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 7ed99eb399..bcbdc7d4e1 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -202,7 +202,12 @@ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, goto err; } to=s; - if (*p & 0x80) /* a negative number */ + if(!len) { + /* Strictly speaking this is an illegal INTEGER but we + * tolerate it. + */ + ret->type=V_ASN1_INTEGER; + } else if (*p & 0x80) /* a negative number */ { ret->type=V_ASN1_NEG_INTEGER; if ((*p == 0xff) && (len != 1)) { @@ -301,7 +306,8 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, goto err; } to=s; - ret->type=V_ASN1_INTEGER; + ret->type=V_ASN1_INTEGER; + if(len) { if ((*p == 0) && (len != 1)) { p++; @@ -309,6 +315,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, } memcpy(s,p,(int)len); p+=len; + } if (ret->data != NULL) Free((char *)ret->data); ret->data=s; |